Physically changed address - how to update freedombox IP

Support
1

Problem Description
I’ve been pretty happy with my freedombox. I’ve recently moved into a new home, and have a new ISP and IP address. How do I get my freedombox set back up with the new ISP? Is there a series of steps I need to take with the domain name and other services? What about the certificates?

Steps to Reproduce

  1. Have a working freedombox
  2. build a huge freaking awesome log home from trees you cut down and peeled and then stacked with block and tackle.
  3. obtain fiber internet from the local podunk ISP
  4. unplug freedombox and move it to the aforementioned log home and plug into new router.
  5. get a message on the internet that says it’s broken

Expected Results
I actually had no expected results. I knew it probably wouldn’t work “out of the box”.

Actual results
I get an error with the following message:

" Your connection is not private

Attackers might be trying to steal your information from mudbox.freedombox.rocks (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_AUTHORITY_INVALID"

Screenshot
https://i.imgur.com/XI9m9O2.png

Information

  • *software: You are running Debian GNU/Linux 12 (bookworm) and FreedomBox version 23.6.2. FreedomBox is up to date.
    • hardware: it’s just an old acer netbook with an ethernet port and an Atom processor
  • How did you install FreedomBox?: ‘apt install freedombox’

thanks, guys!

2

I guess you need to have your web browser let you access the page (by accepting to go there or using plain http) and go to system->let’s encrypt and click on the button to obtain a new certificate.

Side note: you can attach images to this forum, no need for i.imgur.com that is plenty of javascript and trackers. If you really need this kind of service, https://paste.debian.net/ is a much better choice.

1 Like
3

Hi -
Thanks, I tried all that, but still can’t access it from the web.

I can access it locally (internally on my local internet), but not publicly (like: from my smart phone over 4g).

I didn’t know I could attach images directly, so thanks for that.

Is there anything else I can try to get this working?

4

I ran the “diagnostic test” provided by freedombox - it says port 80 is open - so then I connected my laptop to my cell as a hotspot (to avoid hairpinning my connection), and I cannot reach my freedombox publicly. so then I tried pinging the ip address of my freedombox, and I can do that successfully.
So how do I verify port 80 is really open? call my ISP ?

5

Sorry, I think I told you something wrong before: the let’s encrypt certificate is probably fine.

You are apparently using the freedombox dynamic DNS service, which I have never used, so I have no clue about it.

What if you try to reach your freedombox from the laptop with a web browser (as you did) but using your public ip address rather than the name?

6

ok, I tried that - I get this:

Screenshot_2023-08-17_09-26-27
Screenshot_2023-08-17_09-26-27789×526 17.6 KB

I have a ticket in to my ISP, I think I need to verify port 80 is open or whatever.

7

Did you redirect ports 80 and 443 from your router to your freedombox?

The situation might also be that you don’t even have a public IPv4 address allocated to you, i.e. that they use CGNAT, in which case you can’t do that. How do you connect to your ISP? Is the modem/router your own or the ISP provides them?

8

yeah, I don’t even know how to log in to my router…thus the ticket in to my ISP. I’ll see what they say, and update this issue as I find out…

My old router had instructions online (Comcast)…

9

it’s complicated. I need a user guide for an adtran 834-5.

talked to the ISP, they gave me the password for my router. I logged in, and I don’t know what I’m looking at. not sure how to fill this out:

Screenshot_2023-08-17_12-44-03
Screenshot_2023-08-17_12-44-03353×599 16.9 KB

I’ll keep working on it, but right now, when I go to my server address, it’s bringing me to the router login page, so obviously I don’t know what I’m doing… :slight_smile:

10

Leave the first 3 as they are, in “Destination Device”, see if you can find something that identifies your freedombox and in “Destination IP” set it s local IP.

For the other ones, what are the choices? There should be the option to select a port or a port range, and TCP and/or UDP. What is needed is TCP for ports 80 and 443. I would select enable Hairpin maybe, not sure.

1 Like
11

ok, I did all that, thank you!

And I ended up adding a DMZ for the netbook’s IP address.

And now it works! (I think) thanks for the help.

12

Maybe you just need to update the settings with your ddns-service.
Mine is
https://ddns.freedombox.org/
Had the same shit recently, and didn’t find the mistake for weeks. When I found out, I could connect via IP, it seemed to be reasonable, to check the dns-resolver. Thad did the trick for me. Seems you haven’t tried this so far. Congrats to the Loghouse!

1 Like
13

I see mention of redirecting ports 80 and 443. I have my router set up as a DMZ. Does that take care of forwarding the required ports or do they need to be set up as forwards even with a DMZ?

14

If you have the router setup with DMZ set to the local address of your freedombox and that address does not change, there should be no need to do anything more.

That said, this DMZ concept depends on routers, it may be only for IPv4, and ISPs may configure filters/exceptions on their routers without saying. I tried using IPv6 but I did not manage to configure things properly so for the time being, I have deactivated IPv6.

1 Like